CN108023858B - A kind of view networking network management safety certifying method and its system - Google Patents

A kind of view networking network management safety certifying method and its system Download PDF

Info

Publication number
CN108023858B
CN108023858B CN201610952139.5A CN201610952139A CN108023858B CN 108023858 B CN108023858 B CN 108023858B CN 201610952139 A CN201610952139 A CN 201610952139A CN 108023858 B CN108023858 B CN 108023858B
Authority
CN
China
Prior art keywords
server
network management
authentication
identifying code
sent
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610952139.5A
Other languages
Chinese (zh)
Other versions
CN108023858A (en
Inventor
王洋
王艳辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Visionvera Information Technology Co Ltd
Original Assignee
Visionvera Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Visionvera Information Technology Co Ltd filed Critical Visionvera Information Technology Co Ltd
Priority to CN201610952139.5A priority Critical patent/CN108023858B/en
Publication of CN108023858A publication Critical patent/CN108023858A/en
Application granted granted Critical
Publication of CN108023858B publication Critical patent/CN108023858B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3215Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a plurality of channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The embodiment of the invention provides a kind of view networking network management safety certifying method and its systems, whether legal wherein it is applied to the customer information for including: the NM client that verifying receives depending on the method for the certification of NM client in networking, the first unique authentication ID is generated if legal, and the first unique authentication ID is sent to NM server;The the first unique authentication ID and network management certification ID that NM server is sent are received, whether verifying network management certification ID is legal;If it is legal that network management authenticates ID, the first identifying code is generated, and the first identifying code is sent to NM server;It whether legal authenticates received first identifying code, and authentication result is sent to NM server.The characteristic of application view networking of the embodiment of the present invention, provides the unified safety authentication platform of view networking NM server by certificate server, easily facilitates unified management, improve the efficiency of management.

Description

A kind of view networking network management safety certifying method and its system
Technical field
The present invention relates to view networking technology fields, more particularly to a kind of view networking network management safety certifying method and a kind of view Networking network management security certification system.
Background technique
With the fast development of the network technology, depending on working application (e.g., video conference, video teaching etc.) in the life of user Living, work, study etc. are widely available.It is operated normally simultaneously to guarantee to regard networking, maintenance, monitoring and control in networking depending on setting Standby operation, management view intranet network structure, meets the tendency of depending on networking Working level NM server (hereinafter referred to as " NM server ") And it gives birth to.NM client needs just log on NM server, access view networking, to obtain the phase in view networking after authenticating Data are closed, or relevant operation is carried out to the equipment in view networking.
But the certification of existing NM client legitimacy is individually authenticated by NM server.NM client makes With U-shield, the mode of username and password, authentication information is sent to NM server.NM server is carried out according to customer information Database authentication.The defect of this authentication method is: 1) intermediary interface of the NM server as internet and view networking is easy By the attack from internet.2) NM client is unfavorable for the use of NM client using U-shield, the safety of U-shield at For the weakness of security of system.And the Network Management Equipment of NM server subordinate only use self information to NM server into Row connection application, it is chaotic to will lead to NM server certification, in the case where multiple network management server, authenticates disunity, is not easy to unite One management.
Summary of the invention
In view of the above problems, it proposes the embodiment of the present invention and overcomes the above problem or at least partly in order to provide one kind A kind of view networking network management safety certifying method and a kind of corresponding view networking network management security certification system to solve the above problems.
To solve the above-mentioned problems, the embodiment of the invention discloses a kind of view networking network management safety certifying method, the sides Method is applied to the certification of NM client in view networking, which comprises
Whether the customer information for verifying the NM client received is legal, generates the first unique authentication ID if legal, and The first unique authentication ID is sent to NM server;The customer information includes user name and user password;
The the first unique authentication ID and network management certification ID that the NM server is sent are received, the network management is verified and recognizes Whether legal demonstrate,prove ID;
If the network management certification ID is legal, the first identifying code is generated, and first identifying code is sent to the network management Server;
It whether legal authenticates received first identifying code, and authentication result is sent to the NM server.
Preferably, the view networking network management safety certifying method further include:
It authenticates received NM server ID and whether NM server authentication password is legal;
If the NM server ID and NM server authentication password are legal, Xiang Suoshu NM server sends the net Pipe authenticates ID.
Preferably, described to receive the first unique authentication ID and network management certification ID that the NM server is sent, it tests Demonstrate,prove the whether legal step of the network management certification ID, comprising:
It authenticates the received first unique authentication ID and whether network management certification ID meets view networking protocol;
If meeting the view networking protocol, whether legal the network management certification ID is authenticated.
Preferably, if network management certification ID is legal, the first identifying code is generated, and first identifying code is sent The step of to the NM server, comprising:
If the network management certification ID is legal, the first identifying code is generated based on the first unique authentication ID.
Preferably, if network management certification ID is legal, the first identifying code is generated, and first identifying code is sent After the step of to the NM server, further includes:
Received first identifying code is sent to the mobile terminal of binding by the NM server;
First identifying code that the NM server sends over the NM client is sent to authentication service Device is authenticated;
If the NM server receives the first verifying code authentication successfully as a result, establishing and the network management client The communication connection at end.
The embodiment of the invention also provides a kind of view networking network management safety certifying method, the method is applied in view networking The certification of Network Management Equipment, which comprises
Device id and equipment authentication password are sent to certificate server, obtain the second unique authentication ID;
Received second unique authentication ID, the device id and the equipment authentication password are sent to the certification clothes Business device, obtains the second identifying code;
By received second identifying code, the second unique authentication ID, the device id and the equipment authentication password It is sent to NM server request and establishes communication connection.
Preferably, described by received second identifying code, the second unique authentication ID, the device id and described to set Standby authentication password was sent to after the step of NM server request connection, comprising:
The certificate server receives second identifying code, second unique authentication that the NM server is sent ID, the device id and the equipment authentication password, and generate third identifying code;
The certificate server detects the third identifying code and whether second identifying code is identical;
If the third identifying code is identical as second identifying code, the certificate server will authenticate successful information hair Give the NM server.
The embodiment of the invention also provides a kind of view networking network management security certification system, the method is applied to view networking In, comprising: NM client, NM server and certificate server;The NM client connects the NM server, The NM server connects the certificate server;
The certificate server includes:
First unique authentication ID generation module, whether the customer information for verifying the NM client received is legal, The first unique authentication ID is generated if legal, and the first unique authentication ID is sent to NM server;The customer information Including user name and user password;
Information receiving module, the first unique authentication ID and network management for receiving the NM server transmission recognize Demonstrate,prove ID;
First authentication module, it is whether legal for authenticating the network management certification ID;
First identifying code generation module generates the first identifying code if legal for network management certification ID, and by described the One identifying code is sent to the NM server;
Second authentication module, it is whether legal for authenticating received first identifying code, and authentication result is sent to The NM server.
Preferably, the NM server includes:
First identifying code sending module, for first identifying code to be sent to the mobile terminal of binding;
First identifying code authentication module, first identifying code for sending over the NM client are sent to Certificate server is authenticated;
Communication connection establish module, if for receive it is described first verifying code authentication successfully as a result, establish with it is described The communication connection of NM client.
The embodiment of the invention also provides a kind of view networking network management security certification system, the method is applied to view networking In, comprising: Network Management Equipment, NM server and certificate server;The Network Management Equipment connects the NM server and institute Certificate server is stated, the NM server connects the certificate server;
The Network Management Equipment includes:
Second unique authentication ID obtains module and obtains for device id and equipment authentication password to be sent to certificate server Take the second unique authentication ID;
Second identifying code obtains module, is used for received second unique authentication ID, the device id and the equipment Authentication password is sent to the certificate server, obtains the second identifying code;
Request link block, for by received second identifying code, the second unique authentication ID, the device id and The equipment authentication password is sent to NM server request and establishes communication connection.
The embodiment of the present invention includes following advantages:
The characteristic of application view networking of the embodiment of the present invention, provides the system of view networking NM server by certificate server One safety certification platform easily facilitates unified management, improves the efficiency of management;
NM client or Network Management Equipment NM server to be accessed are needed at least through double probate, primary certification clothes Be engaged in certification of the device to self information, second is that certification of the NM server to self information, thus effectively avoid NM client or Unauthorized access of the Network Management Equipment to view networking;
During NM server authenticates network management client-side information legitimacy to certificate server, pass through mobile phone identifying code Mode carry out, it is possible to reduce the expenditure of authentication material expense, verification process are more convenient.
Detailed description of the invention
Fig. 1 is a kind of networking schematic diagram of view networking of the invention;
Fig. 2 is a kind of hardware structural diagram of node server of the invention;
Fig. 3 is a kind of hardware structural diagram of access switch of the invention;
Fig. 4 is the hardware structural diagram that a kind of Ethernet association of the invention turns gateway;
Fig. 5 is a kind of step flow chart of view networking network management safety certifying method embodiment one of the invention;
Fig. 6 is a kind of step flow chart of view networking network management safety certifying method embodiment two of the invention;
Fig. 7 is a kind of structural block diagram of view networking network management security certification system embodiment one of the invention;
Fig. 8 is the structural frames of certificate server in a kind of view networking network management security certification system embodiment one of the invention Figure;
Fig. 9 is the structural frames of NM server in a kind of view networking network management security certification system embodiment one of the invention Figure;
Figure 10 is a kind of structural block diagram of view networking network management security certification system embodiment two of the invention;
Figure 11 is the structural block diagram of Network Management Equipment in a kind of view networking network management security certification system embodiment two of the invention;
Figure 12 is the structural frames of certificate server in a kind of view networking network management security certification system embodiment two of the invention Figure.
Specific embodiment
In order to make the foregoing objectives, features and advantages of the present invention clearer and more comprehensible, with reference to the accompanying drawing and specific real Applying mode, the present invention is described in further detail.
It is the important milestone of network Development depending on networking, is a real-time network, can be realized HD video real-time Transmission, Push numerous Internet applications to HD video, high definition is face-to-face.
Real-time high-definition video switching technology is used depending on networking, it can be such as high in a network platform by required service Clear video conference, Intellectualized monitoring analysis, emergency command, digital broadcast television, delay TV, the Web-based instruction, shows video monitoring Field live streaming, VOD program request, TV Mail, individual character records (PVR), Intranet (manages) channel by oneself, intelligent video Broadcast Control, information publication All be incorporated into a system platform etc. services such as tens of kinds of videos, voice, picture, text, communication, data, by TV or Computer realizes that high-definition quality video plays.
Embodiment in order to enable those skilled in the art to better understand the present invention is introduced to depending on networking below:
Depending on networking, applied portion of techniques is as described below:
Network technology (Network Technology)
Traditional ethernet (Ethernet) is improved depending on the network technology innovation networked, with potential huge on network Video flow.(Circuit is exchanged different from simple network packet packet switch (Packet Switching) or lattice network Switching), Streaming demand is met using Packet Switching depending on networking technology.Has grouping depending on networking technology Flexible, the simple and low price of exchange, is provided simultaneously with the quality and safety assurance of circuit switching, it is virtually electric to realize the whole network switch type The seamless connection of road and data format.
Switching technology (Switching Technology)
Two advantages of asynchronous and packet switch that Ethernet is used depending on networking eliminate Ethernet under the premise of complete compatible and lack It falls into, has the end-to-end seamless connection of the whole network, direct user terminal, directly carrying IP data packet.User data is in network-wide basis It is not required to any format conversion.It is the more advanced form of Ethernet depending on networking, is a real-time exchange platform, can be realized at present mutually The whole network large-scale high-definition realtime video transmission that networking cannot achieve pushes numerous network video applications to high Qinghua, unitizes.
Server technology (Server Technology)
It is different from traditional server, its Streaming Media depending on the server technology in networking and unified video platform Transmission be built upon it is connection-oriented on the basis of, data-handling capacity is unrelated with flow, communication time, single network layer energy Enough transmitted comprising signaling and data.For voice and video business, handled depending on networking and unified video platform Streaming Media Complexity many simpler than data processing, efficiency substantially increase hundred times or more than traditional server.
Reservoir technology (Storage Technology)
The ultrahigh speed reservoir technology of unified video platform in order to adapt to the media content of vast capacity and super-flow and Using state-of-the-art real time operating system, the programme information in server instruction is mapped to specific hard drive space, media Content is no longer pass through server, and moment is directly delivered to user terminal, and user waits typical time less than 0.2 second.It optimizes Sector distribution greatly reduces the mechanical movement of hard disc magnetic head tracking, and resource consumption only accounts for the 20% of the internet ad eundem IP, but The concurrent flow greater than 3 times of traditional disk array is generated, overall efficiency promotes 10 times or more.
Network security technology (Network Security Technology)
Depending on the structural design networked by servicing independent licence system, equipment and the modes such as user data is completely isolated every time The network security problem that puzzlement internet has thoroughly been eradicated from structure, does not need antivirus applet, firewall generally, has prevented black The attack of visitor and virus, structural carefree secure network is provided for user.
It services innovative technology (Service Innovation Technology)
Business and transmission are fused together by unified video platform, whether single user, private user or a net The sum total of network is all only primary automatic connection.User terminal, set-top box or PC are attached directly to unified video platform, obtain rich The multimedia video service of rich colorful various forms.Unified video platform is traditional to substitute with table schema using " menu type " Complicated applications programming, considerably less code, which can be used, can be realized complicated application, realize the new business innovation of " endless ".
Networking depending on networking is as described below:
It is a kind of central controlled network structure depending on networking, which can be Tree Network, Star network, ring network etc. class Type, but centralized control node is needed to control whole network in network on this basis.
As shown in Figure 1, being divided into access net and Metropolitan Area Network (MAN) two parts depending on networking.
The equipment of access mesh portions can be mainly divided into 3 classes: node server, access switch, terminal (including various machines Top box, encoding board, memory etc.).Node server is connected with access switch, and access switch can be with multiple terminal phases Even, and it can connect Ethernet.
Wherein, node server is the node that centralized control functions are played in access net, can control access switch and terminal. Node server can directly be connected with access switch, can also directly be connected with terminal.
Similar, the equipment of metropolitan area mesh portions can also be divided into 3 classes: metropolitan area server, node switch, node serve Device.Metropolitan area server is connected with node switch, and node switch can be connected with multiple node servers.
Wherein, node server is the node server for accessing mesh portions, i.e. node server had both belonged to access wet end Point, and belong to metropolitan area mesh portions.
Metropolitan area server is the node that centralized control functions are played in Metropolitan Area Network (MAN), can control node switch and node serve Device.Metropolitan area server can be directly connected to node switch, can also be directly connected to node server.
It can be seen that be entirely a kind of central controlled network structure of layering depending on networking network, and node server and metropolitan area The network controlled under server can be the various structures such as tree-shaped, star-like, cyclic annular.
Visually claim, access mesh portions can form unified video platform (part in virtual coil), and multiple unified videos are flat Platform can form view networking;Each unified video platform can be interconnected by metropolitan area and wide area depending on networking.
Classify depending on networked devices
1.1 embodiment of the present invention can be mainly divided into 3 classes: server depending on the equipment in networking, interchanger (including with Too net gateway), terminal (including various set-top boxes, encoding board, memory etc.).Depending on networking can be divided on the whole Metropolitan Area Network (MAN) (or Person country net, World Wide Web etc.) and access net.
1.2 equipment for wherein accessing mesh portions can be mainly divided into 3 classes: node server, access switch (including with Too net gateway), terminal (including various set-top boxes, encoding board, memory etc.).
The specific hardware structure of each access network equipment are as follows:
Node server:
As shown in Fig. 2, mainly including Network Interface Module 201, switching engine module 202, CPU module 203, disk array Module 204;
Wherein, Network Interface Module 201, the Bao Jun that CPU module 203, disk array module 204 are come in enter switching engine Module 202;Switching engine module 202 look into the operation of address table 205 to the packet come in, to obtain the navigation information of packet; And the packet is stored according to the navigation information of packet the queue of corresponding pack buffer 206;If the queue of pack buffer 206 is close It is full, then it abandons;All pack buffer queues of 202 poll of switching engine mould, are forwarded: 1) port if meeting the following conditions It is less than to send caching;2) the queue package counting facility is greater than zero.Disk array module 204 mainly realizes the control to hard disk, including The operation such as initialization, read-write to hard disk;CPU module 203 is mainly responsible between access switch, terminal (not shown) Protocol processes, to address table 205 (including descending protocol packet address table, uplink protocol package address table, data packet addressed table) Configuration, and, the configuration to disk array module 204.
Access switch:
As shown in figure 3, mainly including Network Interface Module (downstream network interface module 301, uplink network interface module 302), switching engine module 303 and CPU module 304;
Wherein, the packet (upstream data) that downstream network interface module 301 is come in enters packet detection module 305;Packet detection mould Whether mesh way address (DA), source address (SA), type of data packet and the packet length of the detection packet of block 305 meet the requirements, if met, It then distributes corresponding flow identifier (stream-id), and enters switching engine module 303, otherwise abandon;Uplink network interface mould The packet (downlink data) that block 302 is come in enters switching engine module 303;The data packet that CPU module 204 is come in enters switching engine Module 303;Switching engine module 303 look into the operation of address table 306 to the packet come in, to obtain the navigation information of packet; If the packet into switching engine module 303 is that downstream network interface is gone toward uplink network interface, in conjunction with flow identifier (stream-id) packet is stored in the queue of corresponding pack buffer 307;If the queue of the pack buffer 307 is close full, It abandons;If the packet into switching engine module 303 is not that downstream network interface is gone toward uplink network interface, according to packet Navigation information is stored in the data packet queue of corresponding pack buffer 307;If the queue of the pack buffer 307 is close full, Then abandon.
All pack buffer queues of 303 poll of switching engine module, are divided to two kinds of situations in embodiments of the present invention:
If the queue is that downstream network interface is gone toward uplink network interface, meets the following conditions and be forwarded: 1) It is less than that the port sends caching;2) the queue package counting facility is greater than zero;3) token that rate control module generates is obtained;
If the queue is not that downstream network interface is gone toward uplink network interface, meets the following conditions and is forwarded: 1) it is less than to send caching for the port;2) the queue package counting facility is greater than zero.
Rate control module 208 is configured by CPU module 204, to all downlink networks in programmable interval Interface generates token toward the pack buffer queue that uplink network interface is gone, to control the code rate of forwarded upstream.
CPU module 304 is mainly responsible for the protocol processes between node server, the configuration to address table 306, and, Configuration to rate control module 308.
Ethernet association turns gateway:
As shown in figure 4, mainly including Network Interface Module (downstream network interface module 401, uplink network interface module 402), switching engine module 403, CPU module 404, packet detection module 405, rate control module 408, address table 406, Bao Huan Storage 407 and MAC adding module 409, MAC removing module 410.
Wherein, the data packet that downstream network interface module 401 is come in enters packet detection module 405;Packet detection module 405 is examined Ethernet mac DA, ethernet mac SA, Ethernet length or frame type, the view networking mesh way address of measured data packet DA, whether meet the requirements depending on networking source address SA, depending on networking data Packet type and packet length, corresponding stream is distributed if meeting Identifier (stream-id);Then, MAC DA, MAC SA, length or frame type are subtracted by MAC removing module 410 (2byte), and enter corresponding receive and cache, otherwise abandon;
Downstream network interface module 401 detects the transmission caching of the port, according to the view of packet networking mesh if there is Bao Ze Address D A knows the ethernet mac DA of corresponding terminal, adds the ethernet mac DA of terminal, Ethernet assists the MAC for turning gateway SA, Ethernet length or frame type, and send.
The function that Ethernet association turns other modules in gateway is similar with access switch.
Terminal:
It mainly include Network Interface Module, Service Processing Module and CPU module;For example, set-top box mainly connects including network Mouth mold block, video/audio encoding and decoding engine modules, CPU module;Encoding board mainly includes Network Interface Module, video encoding engine Module, CPU module;Memory mainly includes Network Interface Module, CPU module and disk array module.
The equipment of 1.3 metropolitan area mesh portions can be mainly divided into 2 classes: node server, node switch, metropolitan area server. Wherein, node switch mainly includes Network Interface Module, switching engine module and CPU module;Metropolitan area server mainly includes Network Interface Module, switching engine module and CPU module are constituted.
2, networking data package definition is regarded
2.1 access network data package definitions
Access net data packet mainly include following sections: destination address (DA), source address (SA), reserve bytes, payload(PDU)、CRC。
As shown in the table, the data packet for accessing net mainly includes following sections:
DA SA Reserved Payload CRC
Wherein:
Destination address (DA) is made of 8 bytes (byte), and first character section indicates type (such as the various associations of data packet Discuss packet, multicast packet, unicast packet etc.), be up to 256 kinds of possibility, the second byte to the 6th byte is metropolitan area net address, Seven, the 8th bytes are access net address;
Source address (SA) is also to be made of 8 bytes (byte), is defined identical as destination address (DA);
Reserve bytes are made of 2 bytes;
The part payload has different length according to the type of different datagrams, is if it is various protocol packages 64 bytes are 32+1024=1056 bytes if it is single group unicast packets words, are not restricted to above 2 kinds certainly;
CRC is made of 4 bytes, and calculation method follows the Ethernet CRC algorithm of standard.
2.2 Metropolitan Area Network (MAN) packet definitions
The topology of Metropolitan Area Network (MAN) is pattern, may there is 2 kinds, connection even of more than two kinds, i.e. node switching between two equipment It can all can exceed that 2 kinds between machine and node server, node switch and node switch, node switch and node server Connection.But the metropolitan area net address of metropolitan area network equipment is uniquely, to close to accurately describe the connection between metropolitan area network equipment System, introduces parameter in embodiments of the present invention: label, uniquely to describe a metropolitan area network equipment.
(Multi-Protocol Label Switch, multiprotocol label are handed over by the definition of label and MPLS in this specification Change) label definition it is similar, it is assumed that between equipment A and equipment B there are two connection, then data packet from equipment A to equipment B just There are 2 labels, data packet also there are 2 labels from equipment B to equipment A.Label is divided into label, outgoing label, it is assumed that data packet enters The label (entering label) of equipment A is 0x0000, and the label (outgoing label) when this data packet leaves equipment A may reform into 0x0001.The networking process of Metropolitan Area Network (MAN) is to enter network process under centralized control, also means that address distribution, the label of Metropolitan Area Network (MAN) Distribution be all to be dominated by metropolitan area server, node switch, node server be all passively execute, this point with The label distribution of MPLS is different, and the distribution of the label of MPLS is the result that interchanger, server are negotiated mutually.
As shown in the table, the data packet of Metropolitan Area Network (MAN) mainly includes following sections:
DA SA Reserved Label Payload CRC
That is destination address (DA), source address (SA), reserve bytes (Reserved), label, payload (PDU), CRC.Its In, the format of label, which can refer to, such as gives a definition: label is 32bit, wherein high 16bit retains, only with low 16bit, its position Set is between the reserve bytes and payload of data packet.
Based on the above-mentioned characteristic of view networking, one of the core concepts of the embodiments of the present invention is proposed, it then follows regard the association of networking View carries out unified certification by NM client or Network Management Equipment of the certificate server to NM server to be accessed.
Referring to Fig. 5, a kind of step flow chart of view networking network management safety certifying method embodiment one of the invention is shown, This method is applied to the certification of NM client in view networking, and the embodiment of the present invention is illustrated from certificate server side, institute The method of stating can specifically include following steps:
Step 501, whether the customer information for verifying the NM client received is legal, generates first if legal and uniquely recognizes ID is demonstrate,proved, and the first unique authentication ID is sent to NM server.The customer information includes user name and user password.
First unique authentication ID can be 32 unique authentication ID.
In embodiments of the present invention, TCP/IP (Transmission is based between NM client and NM server Control Protocol/Internet Protocol, transmission control protocol/Internet Protocol also known as network communication association View) it is communicated, communication data is added using AES (Advanced Encryption Standard, Advanced Encryption Standard) It is close;Using being communicated depending on networking protocol between NM server and certificate server, communication data is encrypted using AES.
In the concrete realization, it is necessary first to which whether the customer information for verifying the NM client received meets view networking association View;If meeting view networking protocol, whether it is consistent with the customer information of storage to authenticate the customer information, i.e., legal.Network management The customer information of legal NM client can be sent to certificate server and be stored by server, for certification is intended to connect Enter the legitimacy of the customer information of the NM client of NM server.
Step 502, the first unique authentication ID and network management certification ID that the NM server is sent are received, institute is verified Whether legal state network management certification ID.
Network management authenticates the certification ID that ID can be 32.
In embodiments of the present invention, when each NM server and certificate server establish communication connection, certificate server Network management certification ID can be sent to the NM server for establishing communication connection, the specific method of the process includes:
Sub-step 11, authenticates received NM server ID and whether NM server authentication password is legal.
It is close that different NM server ID and NM server certification can be arranged in certificate server to each NM server Code when NM server starts every time, is required through NM server ID and NM server authentication password to certification Server is authenticated.The NM server ID received and NM server authentication password are somebody's turn to do by certificate server with what is stored The corresponding NM server ID of NM server and NM server authentication password compare certification, illustrate that network management takes if they are the same Business device ID and NM server authentication password are legal, authentication authorization and accounting successes.
Sub-step 12, if the NM server ID and NM server authentication password are legal, Xiang Suoshu network manager service Device sends the network management and authenticates ID.
It is that certificate server is randomly assigned to NM server that network management, which authenticates ID, in NM server and certificate server Before not disconnecting, NM server will use always network management certification ID.
If the connection of NM server and certificate server disconnects, when needing to restart, that is, communication connection is re-established When, certificate server can send new network management certification ID to NM server.
In a preferred example of an embodiment of the present invention, step 502 can specifically include:
Sub-step 21, authenticates the received first unique authentication ID and whether network management certification ID meets view networking protocol.
Belong to two layers of proprietary protocol depending on networking protocol, is by AES encryption.NM server is sent to certificate server Authentication information (the first unique authentication ID and network management authenticate ID) also have to comply with the regulation of view networking protocol, just can be into The further certification of row.
Whether legal sub-step 22 authenticates the network management certification ID if meeting the view networking protocol.
By authenticating the certification that ID is carried out to network management, to be authenticated to NM server, to prevent illegality equipment from connecting Enter in view networking.
Step 503, if network management certification ID is legal, the first identifying code is generated, and first identifying code is sent to The NM server.
In embodiments of the present invention, if network management certification ID is legal, 6 can be generated based on the first unique authentication ID First identifying code of position.
If network management authenticates ID authentification failure, the result of authentification failure is sent to NM server, NM server is then Refuse the access of the NM client, i.e., refusal is established with the NM client and communicated to connect.
If network management certification ID be certified it is legal after, successful result will be authenticated and be sent to NM server.It authenticates successfully Result may include network management certification ID, the first unique authentication ID and generation the first identifying code.NM server receives After authenticating successful result, proceed as follows:
Received first identifying code is sent to the mobile terminal of binding by sub-step 31, the NM server.
In the concrete realization, the validity period of the first identifying code can be set to 1 minute.Mobile terminal can be mobile phone, So the first identifying code can be sent to NM client by way of SMS, NM client is by first identifying code It is sent to NM server, is really logged in realize.
During NM server authenticates network management client-side information legitimacy to certificate server, pass through mobile phone identifying code Mode carry out, it is possible to reduce the expenditure of authentication material expense, verification process are more convenient.
Sub-step 32, first identifying code that the NM server sends over the NM client are sent to Certificate server is authenticated.
Step 504, it whether legal authenticates received first identifying code, and authentication result is sent to the network management and is taken Business device.
If NM server receives the first verifying code authentication successfully as a result, establishing logical with the NM client Letter connection, that is, allow the access (login) of the NM client.
Since certificate server, which is in view intranet, is kept apart with external the Internet, external the Internet It can not be directly accessed in user.Also, access registrar server needs Double layered communication agreement avoids the threat of ICP/IP protocol in internet.So, it is ensured that the access safety of certificate server Property.
Referring to Fig. 6, a kind of step flow chart of view networking network management safety certifying method embodiment two of the invention is shown, This method can be applied to the certification of Network Management Equipment in view networking.Network Management Equipment is the ancillary equipment that NM server is divided into, example Such as data acquisition server, shared file server, distributed database server.NM server can use network management and set Equipment in standby management view networking.
The embodiment of the present invention is illustrated from Network Management Equipment side, and the method can specifically include following steps:
Step 601, device id and equipment authentication password are sent to certificate server, obtain the second unique authentication ID.
By being communicated depending on networking between Network Management Equipment and certificate server.Obtain the second unique authentication ID can be 32 identifying codes.
Step 602, received second unique authentication ID, the device id and the equipment authentication password are sent to institute Certificate server is stated, the second identifying code is obtained.
Again in the specific implementation, certificate server authenticates Network Management Equipment first with received device id and equipment authentication password The legitimacy of identity;After authenticating successfully, certificate server can generate the of 32 according to device id and the second unique authentication ID Two identifying codes,
Step 603, by received second identifying code, the second unique authentication ID, the device id and the equipment Authentication password is sent to NM server request and establishes communication connection.
In embodiments of the present invention, if the letter of communication connection is established in the request that NM server receives Network Management Equipment transmission Breath, by the authentication information received, (the second identifying code, the second unique authentication ID, device id and equipment authenticate NM server Password) it is sent to certificate server is again authenticated, the verification process of certificate server may include:
Sub-step 41, the certificate server receive second identifying code that the NM server sends, described the Two unique authentication ID, the device id and the equipment authentication password, and generate third identifying code.
In the concrete realization, certificate server can be tested according to the third that device id and the second unique authentication ID generate 32 Demonstrate,prove code.The create-rule of third identifying code is identical as the create-rule of the second identifying code.
Sub-step 42, the certificate server detects the third identifying code and whether second identifying code is identical.
Sub-step 43, if the third identifying code is identical as second identifying code, the certificate server will authenticate at The information of function is sent to the NM server.
If NM server receives the second verifying successful information of code authentication, establish logical with the Network Management Equipment Letter connection, that is, allow the access (login) of the Network Management Equipment.
The embodiment of the present invention provides the unified safety authentication platform of view networking NM server by certificate server, will Authentication data carries out unified management.Certificate server can authenticate a variety of Network Management Equipments, to increase after being also convenient for New Network Management Equipment is authenticated, and the efficiency of management is improved.
In conclusion NM client or Network Management Equipment NM server to be accessed, need at least through double probate, one Certification of the secondary certificate server to self information, second is that certification of the NM server to self information, to effectively avoid network management The unauthorized access of client or Network Management Equipment to view networking, ensure that the safety of view networked environment.
It should be noted that for simple description, therefore, it is stated as a series of action groups for embodiment of the method It closes, but those skilled in the art should understand that, embodiment of that present invention are not limited by the describe sequence of actions, because according to According to the embodiment of the present invention, some steps may be performed in other sequences or simultaneously.Secondly, those skilled in the art also should Know, the embodiments described in the specification are all preferred embodiments, and the related movement not necessarily present invention is implemented Necessary to example.
Referring to Fig. 7, a kind of structural block diagram of view networking network management security certification system embodiment one of the invention is shown, it should System is applied in view networking, which may include: NM client 1, NM server 2 and certificate server 3;It is described NM client 1 connects the NM server 2 by ICP/IP protocol, and the NM server 2 is connected by view networking protocol Connect the certificate server 3.
As shown in figure 8, the certificate server 3 includes:
Whether the first unique authentication ID generation module 731, the customer information for verifying the NM client 1 received close Method generates the first unique authentication ID if legal, and the first unique authentication ID is sent to NM server 2;The client Information includes user name and user password.
Information receiving module 732, for receiving the first unique authentication ID and network management certification ID.
First authentication module 733, it is whether legal for authenticating the network management certification ID.
In a preferred example of an embodiment of the present invention, first authentication module 733 may include:
Protocol authentication unit, for authenticating whether the received first unique authentication ID and network management certification ID meet view Networking protocol;
Network management authenticates ID authentication unit, if authenticating whether the network management certification ID closes for meeting the view networking protocol Method.
First identifying code generation module 734 generates the first identifying code, and by institute if legal for network management certification ID It states the first identifying code and is sent to the NM server 2.
In embodiments of the present invention, first identifying code is generated based on the first unique authentication ID.
Second authentication module 735, it is whether legal for authenticating received first identifying code, and authentication result is sent To the NM server 2.
In embodiments of the present invention, when each NM server 2 establishes communication connection with certificate server 3, authentication service Device 3 can send network management certification ID to the NM server 2 for establishing communication connection.So certificate server 3 further include:
NM server authentication module 736, for authenticating received NM server ID and NM server authentication password It is whether legal;
Network management authenticates ID generation module 737, if closing for the NM server ID and NM server authentication password Method, Xiang Suoshu NM server 2 send the network management certification ID.
As shown in figure 9, the NM server 2 includes:
First identifying code sending module 721, for received first identifying code to be sent to the mobile terminal of binding.
In the concrete realization, the validity period of the first identifying code can be set to 1 minute.Mobile terminal can be mobile phone, So the first identifying code can be sent to NM client 1 by way of SMS, NM client 1 first verifies this Code is sent to NM server 2, really logs in realize.
First identifying code authentication module 722, first identifying code hair for sending over the NM client 1 Certificate server 3 is given to be authenticated;
Client communication connection establishment module 723, if for receiving the first verifying code authentication successfully as a result, building The vertical communication connection with the NM client 1.
Referring to Fig.1 0, show a kind of step process of view networking network management security certification system embodiment two of the invention Figure, the system are applied in view networking, which includes: Network Management Equipment 4, NM server 2 and certificate server 3;It is described Network Management Equipment 4 connects the NM server 2 and the certificate server 3, the NM server 2 by view networking protocol The certificate server 3 is connected by view networking protocol.
Network Management Equipment 4 is the ancillary equipment that NM server 2 is divided into, such as data acquisition server, shared file service Device, distributed database server etc..NM server 2 can use the equipment in the management view networking of Network Management Equipment 4.
As shown in figure 11, the Network Management Equipment 4 includes:
Second unique authentication ID obtains module 841, for device id and equipment authentication password to be sent to certificate server 3, obtain the second unique authentication ID;
Second identifying code obtains module 842, for by received second unique authentication ID, the device id and described setting Standby authentication password is sent to the certificate server 3, obtains the second identifying code;
Link block 843 is requested, is used for received second identifying code, the second unique authentication ID, the device id And the equipment authentication password is sent to NM server 2 and requests to establish communication connection.
In embodiments of the present invention, if communication connection is established in the request that NM server 2 receives the transmission of Network Management Equipment 4 Information, NM server 2 by the authentication information received, (recognize by the second identifying code, the second unique authentication ID, device id and equipment Card password) it is sent to certificate server 3 is again authenticated.
As shown in figure 12, the certificate server 3 includes:
Second unique authentication ID generation module 831 generates second for being based on received device id and equipment authentication password Unique authentication ID.
Second identifying code generation module 832, for generating 32 based on received device id and the second unique authentication ID Second identifying code.
Third identifying code generation module 833, for receiving second identifying code, the institute that the NM server 2 is sent The second unique authentication ID, the device id and the equipment authentication password are stated, and generates third identifying code.
In the concrete realization, certificate server 3 can generate 32 thirds according to device id and the second unique authentication ID Identifying code.
Whether the second identifying code authentication module 834 is identical for detecting the third identifying code and second identifying code.
Authentication result sending module 835, if for the third identifying code it is identical with second identifying code, will authenticate at The information of function is sent to the NM server 2
The NM server 2 includes:
Network Management Equipment authentication information sending module, authentication information (the second identifying code, for sending Network Management Equipment 4 Two unique authentication ID, device id and equipment authentication password) it is sent to certificate server 3 and is authenticated;
Module is established in Network Management Equipment communication connection, if for receiving the second verifying successful information of code authentication, The communication connection with the Network Management Equipment 4 is established, that is, allows the access (login) of the Network Management Equipment 4.
For device (system) embodiment, since it is basically similar to the method embodiment, so the comparison of description is simple Single, the relevent part can refer to the partial explaination of embodiments of method.
All the embodiments in this specification are described in a progressive manner, the highlights of each of the examples are with The difference of other embodiments, the same or similar parts between the embodiments can be referred to each other.
It should be understood by those skilled in the art that, the embodiment of the embodiment of the present invention can provide as method, apparatus or calculate Machine program product.Therefore, the embodiment of the present invention can be used complete hardware embodiment, complete software embodiment or combine software and The form of the embodiment of hardware aspect.Moreover, the embodiment of the present invention can be used one or more wherein include computer can With in the computer-usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) of program code The form of the computer program product of implementation.
The embodiment of the present invention be referring to according to the method for the embodiment of the present invention, terminal device (system) and computer program The flowchart and/or the block diagram of product describes.It should be understood that flowchart and/or the block diagram can be realized by computer program instructions In each flow and/or block and flowchart and/or the block diagram in process and/or box combination.It can provide these Computer program instructions are set to general purpose computer, special purpose computer, Embedded Processor or other programmable data processing terminals Standby processor is to generate a machine, so that being held by the processor of computer or other programmable data processing terminal devices Capable instruction generates for realizing in one or more flows of the flowchart and/or one or more blocks of the block diagram The device of specified function.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing terminal devices In computer-readable memory operate in a specific manner, so that instruction stored in the computer readable memory generates packet The manufacture of command device is included, which realizes in one side of one or more flows of the flowchart and/or block diagram The function of being specified in frame or multiple boxes.
These computer program instructions can also be loaded into computer or other programmable data processing terminal devices, so that Series of operation steps are executed on computer or other programmable terminal equipments to generate computer implemented processing, thus The instruction executed on computer or other programmable terminal equipments is provided for realizing in one or more flows of the flowchart And/or in one or more blocks of the block diagram specify function the step of.
Although the preferred embodiment of the embodiment of the present invention has been described, once a person skilled in the art knows bases This creative concept, then additional changes and modifications can be made to these embodiments.So the following claims are intended to be interpreted as Including preferred embodiment and fall into all change and modification of range of embodiment of the invention.
Finally, it is to be noted that, herein, relational terms such as first and second and the like be used merely to by One entity or operation are distinguished with another entity or operation, without necessarily requiring or implying these entities or operation Between there are any actual relationship or orders.Moreover, the terms "include", "comprise" or its any other variant meaning Covering non-exclusive inclusion, so that process, method, article or terminal device including a series of elements not only wrap Those elements are included, but also including other elements that are not explicitly listed, or further includes for this process, method, article Or the element that terminal device is intrinsic.In the absence of more restrictions, being wanted by what sentence "including a ..." limited Element, it is not excluded that there is also other identical elements in process, method, article or the terminal device for including the element.
Above to it is provided by the present invention it is a kind of depending on networking network management safety certifying method and it is a kind of view network network management recognize safely Card system, is described in detail, and used herein a specific example illustrates the principle and implementation of the invention, The above description of the embodiment is only used to help understand the method for the present invention and its core ideas;Meanwhile for the one of this field As technical staff, according to the thought of the present invention, there will be changes in the specific implementation manner and application range, to sum up institute It states, the contents of this specification are not to be construed as limiting the invention.

Claims (10)

  1. The network management safety certifying method 1. a kind of view is networked, which is characterized in that the method is applied to NM client in view networking Certification, which comprises
    It whether legal verifies the customer information of NM client received, generates the first unique authentication ID if legal, and by institute It states the first unique authentication ID and is sent to NM server;The customer information includes user name and user password;
    The the first unique authentication ID and network management certification ID that the NM server is sent are received, the network management certification ID is verified It is whether legal;
    If the network management certification ID is legal, the first identifying code is generated, and first identifying code is sent to the network manager service Device;
    It whether legal authenticates received first identifying code, and authentication result is sent to the NM server.
  2. 2. the method according to claim 1, wherein further include:
    It authenticates received NM server ID and whether NM server authentication password is legal;
    If the NM server ID and NM server authentication password are legal, Xiang Suoshu NM server, which sends the network management, to be recognized Demonstrate,prove ID.
  3. 3. the method according to claim 1, wherein described first for receiving the NM server and sending Unique authentication ID and network management authenticate ID, verify the whether legal step of the network management certification ID, comprising:
    It authenticates the received first unique authentication ID and whether network management certification ID meets view networking protocol;
    If meeting the view networking protocol, whether legal the network management certification ID is authenticated.
  4. 4. if the method according to claim 1, wherein network management certification ID is legal, generation first is tested Demonstrate,prove code, and the step of first identifying code is sent to the NM server, comprising:
    If the network management certification ID is legal, the first identifying code is generated based on the first unique authentication ID.
  5. 5. if the method according to claim 1, wherein network management certification ID is legal, generation first is tested Code is demonstrate,proved, and after the step of first identifying code is sent to the NM server, further includes:
    Received first identifying code is sent to the mobile terminal of binding by the NM server;
    First identifying code that the NM server sends over the NM client be sent to certificate server into Row certification;
    If the NM server receives the first verifying code authentication successfully as a result, establishing and the NM client Communication connection.
  6. The network management safety certifying method 6. a kind of view is networked, which is characterized in that the method is applied to Network Management Equipment in view networking Certification, which comprises
    Device id and equipment authentication password are sent to certificate server, obtain the second unique authentication ID;
    Received second unique authentication ID, the device id and the equipment authentication password are sent to the authentication service Device obtains the second identifying code;
    Received second identifying code, the second unique authentication ID, the device id and the equipment authentication password are sent It requests to establish communication connection to NM server;
    If the NM server receives the information that communication connection is established in request, described in the NM server will receive Second identifying code, the second unique authentication ID, the device id and the equipment authentication password are recognized described in being sent to again Card server authenticated, if the NM server receive it is described second verifying the successful information of code authentication, establish with The communication connection of the Network Management Equipment.
  7. 7. according to the method described in claim 6, it is characterized in that, it is described by received second identifying code, it is described second unique Certification ID, the device id and the equipment authentication password were sent to after the step of NM server request connection, comprising:
    The certificate server receive second identifying code that the NM server sends, the second unique authentication ID, The device id and the equipment authentication password, and generate third identifying code;
    The certificate server detects the third identifying code and whether second identifying code is identical;
    If the third identifying code is identical as second identifying code, the certificate server will authenticate successful information and be sent to The NM server.
  8. The network management security certification system 8. a kind of view is networked, which is characterized in that the system is applied in view networking, comprising: network management Client, NM server and certificate server;The NM client connects the NM server, the network manager service Device connects the certificate server;
    The certificate server includes:
    First unique authentication ID generation module, whether the customer information for verifying the NM client received is legal, if closing Method generates the first unique authentication ID, and the first unique authentication ID is sent to NM server;The customer information includes User name and user password;
    Information receiving module, for receiving the first unique authentication ID and network management certification that the NM server is sent ID;
    First authentication module, it is whether legal for authenticating the network management certification ID;
    First identifying code generation module generates the first identifying code, and described first is tested if legal for network management certification ID Card code is sent to the NM server;
    Second authentication module, it is whether legal for authenticating received first identifying code, and authentication result is sent to described NM server.
  9. 9. system according to claim 8, it is characterised in that:
    The NM server includes:
    First identifying code sending module, for first identifying code to be sent to the mobile terminal of binding;
    First identifying code authentication module, first identifying code for sending over the NM client are sent to certification Server is authenticated;
    Module is established in communication connection, if for receiving the first verifying code authentication successfully as a result, establishing and the network management The communication connection of client.
  10. The network management security certification system 10. a kind of view is networked, which is characterized in that the system is applied in view networking, comprising: network management Equipment, NM server and certificate server;The Network Management Equipment connects the NM server and the certificate server, The NM server connects the certificate server;
    The Network Management Equipment includes:
    Second unique authentication ID obtains module, for device id and equipment authentication password to be sent to certificate server, obtains the Two unique authentication ID;
    Second identifying code obtains module, for authenticating received second unique authentication ID, the device id and the equipment Password is sent to the certificate server, obtains the second identifying code;
    Link block is requested, for by received second identifying code, the second unique authentication ID, the device id and described Equipment authentication password is sent to NM server request and establishes communication connection;
    If the NM server receives the information that communication connection is established in request, described in the NM server will receive Second identifying code, the second unique authentication ID, the device id and the equipment authentication password are recognized described in being sent to again Card server authenticated, if the NM server receive it is described second verifying the successful information of code authentication, establish with The communication connection of the Network Management Equipment.
CN201610952139.5A 2016-11-02 2016-11-02 A kind of view networking network management safety certifying method and its system Active CN108023858B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610952139.5A CN108023858B (en) 2016-11-02 2016-11-02 A kind of view networking network management safety certifying method and its system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610952139.5A CN108023858B (en) 2016-11-02 2016-11-02 A kind of view networking network management safety certifying method and its system

Publications (2)

Publication Number Publication Date
CN108023858A CN108023858A (en) 2018-05-11
CN108023858B true CN108023858B (en) 2019-03-01

Family

ID=62070128

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610952139.5A Active CN108023858B (en) 2016-11-02 2016-11-02 A kind of view networking network management safety certifying method and its system

Country Status (1)

Country Link
CN (1) CN108023858B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109698966B (en) * 2018-11-30 2021-04-23 视联动力信息技术股份有限公司 Method and device for logging in streaming media and interactively encrypting data
CN109743170B (en) * 2018-11-30 2021-12-10 视联动力信息技术股份有限公司 Method and device for logging in streaming media and encrypting data transmission
CN110022353B (en) * 2019-02-28 2022-04-12 视联动力信息技术股份有限公司 Service sharing method and video networking system
CN110049007B (en) * 2019-03-08 2021-09-10 视联动力信息技术股份有限公司 Video networking transmission method and device
CN110012322B (en) * 2019-03-28 2021-06-18 视联动力信息技术股份有限公司 Method and system for initiating video networking service
CN111147276B (en) * 2019-11-19 2023-09-26 视联动力信息技术股份有限公司 Remote management method, device, electronic equipment and storage medium
CN112291592B (en) * 2020-12-29 2021-03-26 视联动力信息技术股份有限公司 Control plane protocol-based secure video communication method, device, equipment and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101931613A (en) * 2009-06-23 2010-12-29 中兴通讯股份有限公司 Centralized authenticating method and centralized authenticating system
CN103560883A (en) * 2013-10-30 2014-02-05 南京邮电大学 Safety identification method, between android application programs, based on user right
CN103685283A (en) * 2013-12-18 2014-03-26 烽火通信科技股份有限公司 Communication network management certificate authority system and method
CN104580063A (en) * 2013-10-10 2015-04-29 中兴通讯股份有限公司 A network management security authentication method and device, and network management security authentication system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101931613A (en) * 2009-06-23 2010-12-29 中兴通讯股份有限公司 Centralized authenticating method and centralized authenticating system
CN104580063A (en) * 2013-10-10 2015-04-29 中兴通讯股份有限公司 A network management security authentication method and device, and network management security authentication system
CN103560883A (en) * 2013-10-30 2014-02-05 南京邮电大学 Safety identification method, between android application programs, based on user right
CN103685283A (en) * 2013-12-18 2014-03-26 烽火通信科技股份有限公司 Communication network management certificate authority system and method

Also Published As

Publication number Publication date
CN108023858A (en) 2018-05-11

Similar Documents

Publication Publication Date Title
CN108023910B (en) A kind of terminal monitoring method and system based on view networking
CN108023858B (en) A kind of view networking network management safety certifying method and its system
CN108121588B (en) A kind of method and its view networking access server of access external resource
CN110430043A (en) A kind of authentication method, system and device and storage medium
CN108012106B (en) A kind of method and system regarding networking monitoring source synchronous
CN110113304A (en) A kind of cloud throws the method and view networked system of screen
CN109495794A (en) A kind of view networked terminals control method and system
CN108616549A (en) A kind of file uploading method and file server
CN109960513A (en) A kind of project dispositions method and view networked system
CN109120897A (en) A kind of view networking monitoring videogram sharing method and device
CN109672664A (en) A kind of authentication method and system regarding networked terminals
CN108965227A (en) A kind of data processing method and view networking Conference server
CN109462594A (en) A kind of data processing method and system based on view networking
CN110062195A (en) A kind of video conference cut-in method and system
CN110233982A (en) A kind of monitoring method and device based on view networking
CN110121075A (en) A kind of direct seeding operation method and apparatus
CN108965941A (en) A kind of data capture method and view networking management system
CN109151519A (en) A kind of configuration distribution method and system based on view networking
CN110493193A (en) Data transmission method and device
CN110535856A (en) A kind of authentication method of user, device and storage medium
CN109376507A (en) A kind of data safety control method and system
CN109586851A (en) Data transmission method and device based on view networking
CN110149497A (en) A kind of view networked data transmission method, apparatus, system and readable storage medium storing program for executing
CN109640194A (en) A kind of method and apparatus that terminal authorization is obtained by two dimensional code based on view networking
CN110022353A (en) It is a kind of to service shared method and view networked system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 100000 Dongcheng District, Beijing, Qinglong Hutong 1, 1103 house of Ge Hua building.

Applicant after: VISIONVERA INFORMATION TECHNOLOGY Co.,Ltd.

Address before: 100000 Beijing Dongcheng District gogoa building A1103-1113

Applicant before: BEIJING VISIONVERA INTERNATIONAL INFORMATION TECHNOLOGY Co.,Ltd.

GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address

Address after: 33rd Floor, No.1 Huasheng Road, Yuzhong District, Chongqing 400013

Patentee after: VISIONVERA INFORMATION TECHNOLOGY Co.,Ltd.

Country or region after: China

Address before: 100000 Dongcheng District, Beijing, Qinglong Hutong 1, 1103 house of Ge Hua building.

Patentee before: VISIONVERA INFORMATION TECHNOLOGY Co.,Ltd.

Country or region before: China